All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] update quota match for xtables + fix -D bug
@ 2006-08-02  2:43 Phil Oester
  2006-08-08  9:33 ` Patrick McHardy
  0 siblings, 1 reply; 2+ messages in thread
From: Phil Oester @ 2006-08-02  2:43 UTC (permalink / raw)
  To: netfilter-devel

[-- Attachment #1: Type: text/plain, Size: 426 bytes --]

The iptables quota match has not been updated to reflect the new xtables
location/structures in 2.6.18-rc.  In addition, it has a bug which makes
it impossible to delete a rule once added.  E.g.:

# iptables -A foo -m quota --quota 1111 -j RETURN
# iptables -D foo -m quota --quota 1111 -j RETURN
iptables: Bad rule (does a matching rule exist in that chain?)

Below patch fixes both issues and resolve bugzilla #496.

Phil



[-- Attachment #2: patch-quota --]
[-- Type: text/plain, Size: 2311 bytes --]

diff -ru ipt-orig/extensions/libipt_quota.c ipt-new/extensions/libipt_quota.c
--- ipt-orig/extensions/libipt_quota.c	2005-02-14 05:13:04.000000000 -0800
+++ ipt-new/extensions/libipt_quota.c	2006-08-01 19:05:28.000000000 -0700
@@ -3,12 +3,13 @@
  *
  * Sam Johnston <samj@samj.net>
  */
+#include <stddef.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <getopt.h>
 #include <iptables.h>
 
-#include <linux/netfilter_ipv4/ipt_quota.h>
+#include <linux/netfilter/xt_quota.h>
 #include <linux/netfilter_ipv4/ip_tables.h>
 
 static struct option opts[] = {
@@ -28,7 +29,7 @@
 static void
 print(const struct ipt_ip *ip, const struct ipt_entry_match *match, int numeric)
 {
-        struct ipt_quota_info *q = (struct ipt_quota_info *) match->data;
+        struct xt_quota_info *q = (struct xt_quota_info *) match->data;
         printf("quota: %llu bytes", (unsigned long long) q->quota);
 }
 
@@ -36,7 +37,7 @@
 static void
 save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
 {
-        struct ipt_quota_info *q = (struct ipt_quota_info *) match->data;
+        struct xt_quota_info *q = (struct xt_quota_info *) match->data;
         printf("--quota %llu ", (unsigned long long) q->quota);
 }
 
@@ -62,7 +63,7 @@
       const struct ipt_entry *entry,
       unsigned int *nfcache, struct ipt_entry_match **match)
 {
-        struct ipt_quota_info *info = (struct ipt_quota_info *) (*match)->data;
+        struct xt_quota_info *info = (struct xt_quota_info *) (*match)->data;
 
         switch (c) {
         case '1':
@@ -89,8 +90,8 @@
 	.next		= NULL,
 	.name		= "quota",
 	.version	= IPTABLES_VERSION,
-	.size		= IPT_ALIGN(sizeof (struct ipt_quota_info)),
-	.userspacesize	= IPT_ALIGN(sizeof (struct ipt_quota_info)),
+	.size		= IPT_ALIGN(sizeof (struct xt_quota_info)),
+	.userspacesize	= offsetof(struct xt_quota_info, quota),
 	.help		= &help,
 	.parse		= &parse,
 	.final_check	= &final_check,
diff -ru ipt-orig/extensions/.quota-test ipt-new/extensions/.quota-test
--- ipt-orig/extensions/.quota-test	2001-12-03 14:22:55.000000000 -0800
+++ ipt-new/extensions/.quota-test	2006-08-01 17:48:12.000000000 -0700
@@ -1,3 +1,3 @@
 #!/bin/sh
-[ -f $KERNEL_DIR/include/linux/netfilter_ipv4/ipt_quota.h ] && echo quota
+[ -f $KERNEL_DIR/include/linux/netfilter/xt_quota.h ] && echo quota
 

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2006-08-08  9:33 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-08-02  2:43 [PATCH] update quota match for xtables + fix -D bug Phil Oester
2006-08-08  9:33 ` Patrick McHardy

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.